CN114003963B - Method, system, network disk and storage medium for file authorization under enterprise network disk - Google Patents

Method, system, network disk and storage medium for file authorization under enterprise network disk Download PDF

Info

Publication number
CN114003963B
CN114003963B CN202111636264.2A CN202111636264A CN114003963B CN 114003963 B CN114003963 B CN 114003963B CN 202111636264 A CN202111636264 A CN 202111636264A CN 114003963 B CN114003963 B CN 114003963B
Authority
CN
China
Prior art keywords
file
label
authority
authorization
files
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111636264.2A
Other languages
Chinese (zh)
Other versions
CN114003963A (en
Inventor
王亚楠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin Lenovo Collaboration Technology Inc
Original Assignee
Tianjin Lenovo Collaboration Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin Lenovo Collaboration Technology Inc filed Critical Tianjin Lenovo Collaboration Technology Inc
Priority to CN202111636264.2A priority Critical patent/CN114003963B/en
Publication of CN114003963A publication Critical patent/CN114003963A/en
Application granted granted Critical
Publication of CN114003963B publication Critical patent/CN114003963B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

The invention provides a method, a system, a network disk and a storage medium for file authorization under an enterprise network disk, wherein the method comprises the following steps: receiving label authorization operation, determining a corresponding label, and screening all files with the same label in an enterprise network disk according to the label; determining a team or an individual authorized by the file according to the label authorization operation, and authorizing all the files with the same label to the team or the individual; and determining the authority of the authorized team or the individual according to the authority conflict processing rule. The method, the system, the network disk and the storage medium for authorizing the files under the enterprise network disk can screen and authorize the files according to the labels of the files, so that the files under the enterprise network disk are authorized quickly, and the authorization efficiency of the files is improved.

Description

Method, system, network disk and storage medium for file authorization under enterprise network disk
Technical Field
The invention belongs to the technical field of electronic information, and particularly relates to a method and a system for file authorization under an enterprise network disk, the network disk and a storage medium.
Background
With the rapid development of internet cloud computing technology, the network disk service has become a core content of the current information service. The enterprise can realize the remote storage, reading and sharing of the files through the network disk, so that the use convenience and the access flexibility of data materials can be greatly improved, and the operation efficiency of the enterprise is improved.
When data materials in an enterprise are shared by using a network disk service, in order to avoid leakage of important data materials in the enterprise, a team or an individual needs to be authorized according to the level, but the authorization of files under the network disk of the enterprise is mostly based on folders, namely, files under the same folder have the same authorization, when different authorities need to be granted to files under the same folder or certain files under different folders need to be granted the same authority, the files to be authorized need to be screened out firstly, then the screened files to be authorized are placed into one folder, then the folder is authorized, the operation is complicated, and the difficulty in authorizing the files to be authorized is increased obviously along with the increase of the storage quantity of the files in the network disk.
Disclosure of Invention
In view of this, the present invention provides a method, a system, a network disk and a storage medium for file authorization under an enterprise network disk, so as to achieve the purposes of improving the file authorization efficiency of the enterprise network disk and reducing the difficulty in authorizing a large number of files.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a method for file authorization under an enterprise network disk, including:
receiving label authorization operation, determining a corresponding label, and screening all files with the same label in an enterprise network disk according to the label;
determining a team or an individual authorized by the file according to the label authorization operation, and authorizing all the files with the same label to the team or the individual;
and determining the authority of the authorized team or the individual according to the authority conflict processing rule.
Further, the receiving a tag authorization operation, determining a corresponding tag, and screening all files with the same tag in the enterprise network disk according to the tag includes:
when label authorization operation is carried out according to a single label, all files or folders with the same label are screened from the enterprise network disk;
when label authorization operation is carried out according to the plurality of labels, at least two corresponding labels and connectors are determined, the combination relationship between the at least two corresponding labels is determined according to the connectors, and all files or folders which accord with the combination relationship are screened in the enterprise network disk according to the at least two corresponding labels and connectors.
Further, determining an authorized authority category according to the tag authorization operation;
further, the authorizing all documents with the same tag to the team or individual includes:
all files with the same label are authorized to the team or individual according to the permission category.
Further, the determining the authority of the authorized team or individual according to the authority conflict processing rule includes:
judging whether the authorized authority category of each file or folder is inconsistent with the existing authority category,
if the authorization is inconsistent, the authorization type authorized by the upper-level authorizer is taken as the standard; if the authorizer levels are the same, the permission categories are merged.
Determining whether the permission class granted by each file or folder is inconsistent with the permission class granted by other tags,
if the authorization is inconsistent, the authorization type authorized by the upper-level authorizer is taken as the standard; if the authorizer levels are the same, the permission categories are merged.
Judging whether the authority category of each file authorization is inconsistent with the authority category of the file authorization in the folder,
and when the file is inconsistent, the authority category authorized by the file is taken as the standard.
Further, when the file is uploaded or newly built, screening an existing file with similar characteristic information to the newly built file in the enterprise network disk according to the file characteristic information, extracting a label on the existing file into a label library, and generating a label for the newly built file according to the label library.
Further, the screening an existing file having similar characteristic information to the newly-created file in the enterprise network disk according to the file characteristic information, and extracting the tag on the existing file as a tag library, includes:
the method comprises the following steps of segmenting the name of a file or a file folder, comparing the existing file or the existing file folder with the same word in the matched name, extracting the label on the existing file or the existing file folder with the same word in the name as a name label library, and arranging the labels in the name label library according to the priority of name similarity; and/or
Matching the file type of the file or the file folder with the existing file type, extracting the labels on the existing file or the existing file folder with the same file type as a file type label library, and arranging the labels in the file type label library according to the priority of the name similarity; and/or
Extracting tags of a recently created file or folder into a time tag library, classifying the tags in the time tag library according to file types, and arranging the tags of each type according to name similarity priority;
the name similarity priority is ranked by the same number of words in the name, with the more the same number of words in the name, the higher the name similarity priority.
Further, the generating a tag for the new file according to the tag library includes:
and selecting at least one label as a label generated by the new file according to the label arrangement sequence in the label library.
In a second aspect, an embodiment of the present invention further provides a system for authorizing a file below an enterprise network disk, including:
the uploading module is used for storing the file into an enterprise network disk and generating a file label;
the authorization module is used for performing label authorization operation on the files in the enterprise network disk;
and the judging module is used for determining the authorized authority category according to the authority conflict processing rule after the label authorization operation is carried out.
In a third aspect, an embodiment of the present invention further provides a network disk, including:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the off-premise-for-enterprise-network-disk file authorization method described above.
In a fourth aspect, embodiments of the present invention also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform the method for file authorization under an enterprise network disk as described above.
Compared with the prior art, the method, the system, the network disk and the storage medium for file authorization under the enterprise network disk have the following advantages:
the method, the system, the network disk and the storage medium for authorizing the files under the enterprise network disk can screen and authorize the files according to the labels of the files, so that the files under the enterprise network disk are authorized quickly, and the authorization efficiency of the files is improved. Secondly, through the tags generated on the files, the user can perform batch authorization operation on the files according to the tags, and the user can also screen the files through the tags generated on the files, so that the operation is simple and convenient, and the screening and authorization efficiency of the files can be improved. In addition, the authority conflict processing rule is set for the authorized file, so that the confusion of the authority after the file is authorized is avoided, and the subsequent normal use after the file is authorized is ensured.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a method for authorizing a file under an enterprise network disk according to a first embodiment of the present invention;
fig. 2 is a flowchart of a method for authorizing a file under an enterprise network disk according to a second embodiment of the present invention;
fig. 3 is a flowchart of a method for authorizing a file under an enterprise network disk according to a third embodiment of the present invention;
fig. 4 is a flowchart of a method for authorizing a file under an enterprise network disk according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of a file authorization system under an enterprise network disk according to a fifth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a net disk according to a sixth embodiment of the present invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
In the description of the present invention, it is to be understood that the terms "central," "longitudinal," "lateral," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like are used in the orientations and positional relationships indicated in the drawings, which are based on the orientations and positional relationships indicated in the drawings, and are used for convenience in describing the present invention and for simplicity in description, but do not indicate or imply that the device or element so referred to must have a particular orientation, be constructed in a particular orientation, and be operated, and thus should not be construed as limiting the present invention. Furthermore, the terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first," "second," etc. may explicitly or implicitly include one or more of that feature. In the description of the present invention, "a plurality" means two or more unless otherwise specified.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meaning of the above terms in the present invention can be understood by those of ordinary skill in the art through specific situations.
The present invention will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Example one
Fig. 1 is a flowchart of a file authorization method under an enterprise network disk according to an embodiment of the present invention, where this embodiment is applicable to authorization work of existing tagged files in an enterprise network disk, and specifically includes the following steps:
and 110, receiving label authorization operation, determining a corresponding label, and screening all files with the same label in the enterprise network disk according to the label.
Because a large number of files may be stored in the enterprise network disk at the same time, and the files have different confidentiality levels or purposes, before the files are authorized, the files need to be screened according to the level, the requirement and the like of a team or an individual to be authorized, and the files needing to be authorized are selected and authorized to the team or the individual. However, as the file base number and the number of authorized files increase, the authorized files and unauthorized files can be stored in the enterprise network disk in a mess mode, and the difficulty of screening the required authorized files by the user will gradually increase.
In the prior art, a user can screen files through a file or folder screening function, but the method is low in efficiency, especially, authorized files required by the same level or the same purpose cannot be quickly screened out, the authorization conditions of the files and the folders are different, even if the files are screened out, the authorization conditions of the files are not regular, screening conditions are still required to be added for continuous screening, after the authorization conditions of all the files are separated out, the files can be further analyzed and authorized, and the screening and authorization difficulty of the files required to be authorized is further increased.
In the actual use process, the user may perform the authorization according to the files authorized by the same-level team or individual and the files with the same purpose, so in order to facilitate the user to quickly find the files of the same level or the same category, in this embodiment, a tag needs to be generated for the files. When the file authorization operation is carried out, files with the same label can be screened out from the enterprise net tray according to the label, and subsequent label authorization work is conveniently carried out.
And 120, determining a team or an individual authorized by the file according to the label authorization operation, and authorizing all the files with the same label to the team or the individual.
After determining the files needing to be authorized, the files need to be authorized to the determined team or person; in order to realize batch authorization of files, a plurality of batches of files with different labels can be authorized simultaneously, so that the authorization efficiency of the files is improved. For example, after the authorizer can select a plurality of tags, the authorizer can authorize the plurality of tags to a team or an individual at the same time, each tag can include a plurality of files or folders, and the selected tags can refer to the previously authorized file tags, so that screening and authorization of files with the same level or the same purpose are facilitated.
And step 130, determining the authority of the authorized team or the individual according to the authority conflict processing rule.
In order to satisfy multiple requirements of an authorizer for authorizing a file, the method for authorizing a file under an enterprise network disk according to this embodiment may include multiple rights conflict handling rules, and each of the rights conflict handling rules corresponds to one of the rights class conflict handling methods. After the authorization file and the authorized person are determined, the permission type conflict of the authorization file is processed according to the permission conflict processing rule, so that the final permission type of the authorization file is selected and determined, the authorization confusion caused by the fact that the same file is authorized to the same team or different individual permission types is avoided, and the follow-up authorization use of the file is met.
Optionally, in this embodiment, the file has at least one tag, and when a plurality of tags are on one file and the authorization of each tag is different, that is, one tag represents an authorization condition of the file, and the tag is bound to the authorization condition of the file. When the file is subsequently screened, the file can be screened through any one tag, and meanwhile, the tag also has the authorization condition of the file, which is equivalent to the authorization condition of the file obtained through the tag screening, so that an authorizer can screen the file through the tag, not only can obtain the corresponding file, but also obtain the files with the same authorization condition, so that the authorizer can quickly determine the files with the same level and the same purpose, and the authorizer can conveniently carry out subsequent file authorization operation.
Compared with the prior art, the file authorization method and the file authorization system have the advantages that files with the same level or the same purpose can be screened out through the tags, and the authorization condition of the files can be obtained according to the tags, so that the screening authorization difficulty of the files is reduced, and the authorization efficiency of the files is improved. Meanwhile, the final permission type of the authorized file is determined by setting the permission type conflict processing, so that the authorization confusion caused by different permission types of the same file authorized to the same team or individual is avoided, the subsequent authorized use of the file is met, and the permission confusion in the subsequent use process of the file is prevented.
Example two
Fig. 2 is a flowchart of a method for authorizing a file under an enterprise network disk according to a second embodiment of the present invention. In this embodiment, after all the files with the same tag are screened in the enterprise network disk according to the tag, the following steps are added:
when label authorization operation is carried out according to the plurality of labels, at least two corresponding labels and connectors are determined, the combination relationship between the at least two corresponding labels is determined according to the connectors, and all files or folders which accord with the combination relationship are screened in the enterprise network disk according to the at least two corresponding labels and connectors.
Correspondingly, the method for authorizing the file under the enterprise network disk provided by the embodiment specifically includes:
step 210, receiving tag authorization operation, determining a corresponding tag, and screening all files with the same tag in an enterprise network disk according to the tag;
step 220, when performing label authorization operation according to the plurality of labels, determining at least two corresponding labels and connectors, determining a combination relationship between the at least two corresponding labels according to the connectors, and screening all files or folders conforming to the combination relationship in the enterprise network disk according to the at least two corresponding labels and connectors.
Because every file all has a plurality of labels, in order to realize the accurate screening to the file, most authorizers can select a plurality of labels to screen the file, but when using a plurality of labels to screen, can lead to screening a plurality of files, a plurality of files that a plurality of labels represented, and a file that a plurality of labels represented are mixed each other, lead to authorizers can not filter the file that obtains needs fast, influenced the screening efficiency of file.
In this embodiment, a plurality of tags may be connected by using a connector to form a screening combination relationship, and the files in the enterprise network disk are screened according to the screening combination relationship; specifically, the authorizer can determine a proper screening combination relationship according to the file screening requirement, the screening combination relationship can be used for screening files with a plurality of labels, the authorizing party can also be used for screening files with single labels, and the connectors can be selected as required. Exemplarily, when a file with a plurality of tags needs to be selected, the connector may adopt a sum, that is, "& gt", the screening combination relationship may be tag & t, and the file with the three tags is obtained by screening, so as to realize accurate screening of the file and obtain the file that best meets the authorization; when a plurality of files with independent labels need to be selected, the connectors can adopt or, namely, "|", the screening combination relation can be a label of one | | | label of two | | | label of three, and the files with one of the three labels are obtained through screening, so that large-batch screening of the files is realized, and the authorization efficiency of subsequent batch files is improved conveniently.
In addition, the connector can also introduce a negative connector or a non-equal connector, for example, whether the connector can be used for rejecting files with certain labels in the batch files or not and reserving files needing authorization so as to improve the screening accuracy of the batch files. This embodiment is through combining together connector and label, constitutes the screening combinatorial relation, can further realize carrying out accurate screening to file in batches, improves the screening efficiency of big file in batches.
Step 230, according to the label authorization operation, determining a team or an individual authorized by the file, and authorizing all the files with the same label to the team or the individual.
And 240, determining the authority of the authorized team or the individual according to the authority conflict processing rule.
In this embodiment, after all the files with the same tag are screened in the enterprise network disk according to the tag, the following steps are added: when label authorization operation is carried out according to the plurality of labels, at least two corresponding labels and connectors are determined, the combination relationship between the at least two corresponding labels is determined according to the connectors, and all files or folders which accord with the combination relationship are screened in the enterprise network disk according to the at least two corresponding labels and connectors. The files needing to be authorized or the files in batches can be quickly screened through the steps, so that the screening authorization efficiency of the files is further improved, meanwhile, the accuracy of the file screening work can be improved, the files with the multiple labels and the files with the multiple labels are distinguished, the files needing to be authorized are accurately authorized according to user requirements, and the accuracy of file authorization is improved.
EXAMPLE III
Fig. 3 is a flowchart of a method for authorizing a file under an enterprise network disk according to a third embodiment of the present invention. In this embodiment, a team or an individual authorized by a file is determined according to the tag authorization operation, all files with the same tag are authorized to the team or the individual, and the authority of the authorized team or the individual is determined according to the authority conflict processing rule, which is specifically optimized as follows: and determining the authorized authority category according to the label authorization operation, authorizing all files with the same label to the team or the individual according to the authority category, and determining the authority category of the authorized team or the individual according to the authority category consistency rule.
Correspondingly, the method for authorizing the file under the enterprise network disk provided by the embodiment specifically includes:
and 310, receiving a label authorization operation, determining a corresponding label, and screening all files with the same label in the enterprise network disk according to the label.
And step 320, determining an authorized authority category according to the label authorization operation, and authorizing all files with the same label to the team or the individual according to the authority category.
Because the levels of the authorizers are different and the levels of the authorized persons are also different, after the corresponding labels are determined and the files needing to be authorized are screened out, the authority category of the file authorization also needs to be determined, the abuse or disorder of the file authorization authority is avoided, and the stable operation of a file authorization system under an enterprise network disk is ensured.
In this embodiment, the permission category includes a basic permission and an exclusive permission, wherein the basic permission is a permission for realizing normal use of a file or a folder; the unique authority is the authority used for realizing the authorization of the file or the folder according to the label; the unique authority is set in a grading way, the upper level unique authority authorizer is higher than the authorized person granted with the unique authority, so the authority class level granted to the file by the upper level authorizer is higher than the authority class level granted to the file by the lower level authorizer. For example, the base permissions may include: visible list, preview, download, link, move, copy, rename, delete, print, new (folder only), etc. The unique authority is the administrator authority, and a person granted with the unique authority is equivalent to a subordinate administrator of the file under the enterprise network disk, and an authorized person with the unique authority can perform next-level authorization on the file according to the label.
In the embodiment, the basic permission and the unique permission can be distinguished by setting the permission type, and the multi-level authorizers are arranged in the enterprise network disk, so that the number of authorizers capable of performing label authorization operation is increased, the rapid authorization of large-batch files in the enterprise network disk is facilitated, and the authorization efficiency of the files is improved. Meanwhile, by classifying the authorizers, the lower authorizer can be prevented from damaging the authority category granted by the upper authorizer, the authorization confusion is prevented, and the stability of the authorized file is ensured.
And step 330, determining the authority category of the authorized team or individual according to the authority category consistency rule.
Because the authorizers are classified, the number of authorizers is increased, so that authorization conflicts can be generated at a high probability after file authorization is performed among a plurality of authorizers with different grades and among a plurality of authorizers with the same grade, and if the authorization conflicts are not processed, the authority types of lower-level authorized persons can be disordered, so that the use of authorization files or the next authorization of the lower-level authorized persons is influenced, and the file authorization in an enterprise network disk is disordered.
In the embodiment, the authority category of the authorization file is judged according to the authority category consistency rule, so that the authority category of an authorization team or an individual is determined. Since the authorizers are classified in the above embodiment, the authorization category consistency rule can also perform subsequent conflict processing based on the authorizer grades, because the higher the authorizer grade is, the more the authorized number of the grasped files is, the higher the grade is in the enterprise, the stronger the control capability of the internal data of the enterprise is, and the files can be more accurately authorized to the corresponding team or individual, so that the authorizers can be classified into a plurality of grades, the authorizers in the enterprise are classified into a plurality of grades, the authorizer grade of the upper grade is higher than the authorizer grade of the lower grade, when the authorization category conflicts are processed, the authorization category authorized by the upper grade authorizer can be used for replacing the authorization category authorized by the lower grade authorizer, the authorization categories among the peer authorizers can be merged, and then the conflict processing of the authorization category can be realized.
For example, the following rules may be adopted as the permission category consistency rule in the present embodiment:
judging whether the authority category authorized by each file or folder is inconsistent with the existing authority category, and if the authority category authorized by the upper-level authorizer is inconsistent, taking the authority category authorized by the upper-level authorizer as a standard; if the levels of the authorizers are the same, merging the permission types; and/or
Judging whether the authority category authorized by each file or folder is inconsistent with the authority category authorized by other labels, and if the authority category authorized by the upper-level authorizer is inconsistent, taking the authority category authorized by the upper-level authorizer as the standard; if the levels of the authorizers are the same, merging the permission types; and/or
And judging whether the authority category of each file authorization is inconsistent with the authority category of the file authorization, and if so, taking the authority category of the file authorization as the standard, and more accurately authorizing based on the file, so that the authority of the file authorization is the standard.
It should be noted that after the permission types are merged, the permission type represented by a single label remains unchanged, and only the authorization condition of the file itself changes. The permission type represented by a single label is unchanged, and the label is mainly used for ensuring that the label still has an identification of an authorization condition in the subsequent file screening process, avoiding disorder of subsequent file screening authorization, facilitating screening authorization of the file by a subsequent authorizer, and being beneficial to improving convenience of file authorization under an enterprise network disk.
In the embodiment, by setting the permission type, the file authorization can be managed in a grading manner, the number of authorizers capable of performing label authorization operation under the enterprise network disk is increased, and the file authorization efficiency under the enterprise network disk is improved. By setting the permission type consistency rule, the file permission type of an authorization team or an individual can be accurately determined, file authorization confusion is avoided, subsequent screening, authorization and use of files are ensured, and the accuracy of the file authorization method under the enterprise network disk is improved from a memory.
Example four
Fig. 4 is a flowchart of a file authorization method under an enterprise network disk according to a fourth embodiment of the present invention. In this embodiment, when a file is uploaded or newly created, an existing file having similar characteristic information to the newly created file is screened from the enterprise network disk according to the file characteristic information, a tag on the existing file is extracted as a tag library, and a tag is generated for the newly created file according to the tag library.
Correspondingly, the method for authorizing the file under the enterprise network disk provided by the embodiment specifically includes:
and step 410, when the file is uploaded or newly built, screening an existing file with similar characteristic information as the newly built file in the enterprise network disk according to the file characteristic information, extracting the label on the existing file into a label library, and generating a label for the newly built file according to the label library.
Because enterprise network disk often needs to increase new file in to enterprise network disk in the use to satisfy the operation demand of enterprise, for the follow-up label authorization operation that carries on of file this moment, need generate the label to new file, nevertheless because file label kind is more in enterprise network disk, if look for the comparison to the file, manual labelling, then complex operation, inefficiency. Therefore, the label can be generated for the new file according to the label information of the existing file, so that the efficiency of uploading and generating the label of the file is improved, and the subsequent file authorization operation is ensured to be performed quickly.
Specifically, existing files with similar characteristic information to the newly-built file can be screened from the enterprise network disk according to the file characteristic information, the labels on the existing files are extracted to be a label library, then the labels in the label library are arranged according to the priority according to the characteristic information similarity corresponding to the files, the labels with higher characteristic information similarity are preferentially arranged, and then at least one label is selected to be used as a label generated by the newly-built file according to the arrangement sequence of the labels in the label library, so that the new file is ensured to obtain the label which is the same as the existing file with the highest similarity, namely the label with the same level or the same purpose is used as a generated label of the new file.
In the actual application process, at least three labels can be selected as the labels generated by the new file, the three labels can be respectively the most similar name, the most similar file type and the most similar creation time, so that the three labels can represent three existing files which are most matched with the new file, namely, the labels on the three existing files which are closest to the new file can be simultaneously generated on the new file, and under the normal condition, at least one of the three labels can represent the level and the purpose of the new file so as to improve the accuracy of generating the new file label.
For example, the feature information uses the name, the file type, and the creation time to create a tag information base, including:
dividing the names of the files or the folders into short words or characters, comparing the names with the existing files or the existing folders with the same words and characters in the matched names, extracting the labels on the existing files or the existing folders with the same words in the names as a name label library, and arranging the labels in the name label library according to the priority of the name similarity; and/or
Matching the file type of the file or the file folder with the existing file type, extracting the labels on the existing file or the existing file folder with the same file type as a file type label library, and arranging the labels in the file type label library according to the priority of the name similarity; and/or
Extracting the labels of the recently created files or folders as a time label library, classifying the labels in the time label library according to the file types, and arranging the labels of each type according to the priority of name similarity.
Because the file names under the same project in the enterprise network disk generally have similarity, the file names are arranged by adopting the name similarity, and more accurate labels can be screened; the name similarity priority is classified according to the same number of words in the name, and the more the same number of words in the name is, the higher the name similarity priority is; by determining the name similarity priority, not only can the existing file tags closest to the new file in the name tag library be screened out, but also the tags on the existing file with the name closest to the new file in the file type tag library and the creation time tag library can be screened out, so that a secondary screening standard is provided for the file type tag library and the creation time tag library, and the accuracy of tag screening in the file type tag library and the creation time tag library is improved.
Step 420, receiving a tag authorization operation, determining a corresponding tag, and screening all files with the same tag in the enterprise network disk according to the tag.
Step 430, according to the label authorization operation, determining a team or an individual authorized by the file, and authorizing all the files with the same label to the team or the individual.
In this embodiment, when uploading or creating a new file, the following steps are added: the existing files with similar characteristic information to the new files are screened from the enterprise network disk according to the file characteristic information, the labels on the existing files are extracted as a label library, and the labels are generated for the new files according to the label library, so that the problem of label generation generated when the files are uploaded or newly built is solved. The feature information of the newly-built file is compared with the feature information of the existing file for searching, a label library is generated, labels in the label library are arranged according to the similarity, the labels on the existing file closest to the new file (namely, the similarity is highest) can be obtained, the labels are used as the basis of the new file generation labels, and the relatively accurate new file labels can be obtained, so that the manual operation of a user is reduced, the file uploading or new building efficiency is improved, the user can conveniently perform authorization operation subsequently according to the labels, and the label authorization efficiency in an enterprise network disk is further improved.
EXAMPLE five
Fig. 5 is a schematic structural diagram of an enterprise network disk file authorization system according to a fifth embodiment of the present invention, and as shown in fig. 5, the enterprise network disk file authorization system includes:
an upload module 510, configured to store the file in an enterprise network disk, and generate a file tag;
the authorization module 520 is configured to perform tag authorization on a file in the enterprise network disk;
the determining module 530 is configured to determine an authorized permission type according to the permission conflict processing rule after performing the tag authorization operation.
The file authorization system under the enterprise network disk provided by the embodiment generates the label for the file in the enterprise network disk, so that the user can perform label authorization operation on the file through the system, issue the file authorization in the enterprise network disk to a subordinate team or an individual, and authorize the file according to the label, thereby reducing the authorization difficulty of the file and improving the file authorization efficiency.
EXAMPLE six
Fig. 6 is a schematic structural diagram of a mesh disc according to a sixth embodiment of the present invention. Fig. 6 shows a block diagram of an exemplary mesh disk 12 suitable for use in implementing embodiments of the present invention. The mesh tray 12 shown in fig. 6 is only an example, and should not bring any limitation to the function and the use range of the embodiment of the present invention.
As shown in fig. 6, the network disk 12 is in the form of a general purpose computing device. The components of the mesh tray 12 may include, but are not limited to: one or more processors or processing units 16, a memory 28, and a bus 18 that couples various system components including the memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, micro-channel architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
The mesh tray 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by the network disk 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 30 and/or cache memory 32. The network disk 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 6, and commonly referred to as a "hard drive"). Although not shown in FIG. 6, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally carry out the functions and/or methodologies of the described embodiments of the invention.
The network disk 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with the network disk 12, and/or with any devices (e.g., network card, modem, etc.) that enable the network disk 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Also, the network disk 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 20. As shown, the network adapter 20 communicates with the other modules of the network disk 12 via the bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the network disk 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing by running the program stored in the memory 28, for example, to implement the link mix file screening method provided by the embodiment of the present invention.
EXAMPLE seven
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform any one of the methods for file authorization under an enterprise network disk as provided in the foregoing embodiments.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A method for file authorization under an enterprise network disk is characterized by comprising the following steps:
receiving label authorization operation, determining a corresponding label, and screening all files with the same label in an enterprise network disk according to the label;
determining a team or an individual authorized by the file according to the label authorization operation, and authorizing all the files with the same label to the team or the individual;
determining the authority of an authorized team or an individual according to the authority conflict processing rule;
determining the authorized authority category according to the label authorization operation; judging whether the authority category authorized by each file or folder is inconsistent with the existing authority category, and if the authority category authorized by the upper-level authorizer is inconsistent, taking the authority category authorized by the upper-level authorizer as a standard; if the levels of the authorizers are the same, merging the permission types;
authorizing all files with the same tag to the team or individual, including:
authorizing all files with the same label to the team or the individual according to the permission type;
the permission types comprise basic permission and unique permission, wherein the basic permission is the permission for realizing the normal use of the file or the folder; the unique authority is the authority used for realizing the authorization of the file or the folder according to the label; the unique authority is set in a grading way, the upper level unique authority authorizer is higher than the authorized person granted with unique authority at the lower level, so the authority class grade granted to the file by the upper level authorizer is higher than the authority grade granted to the file by the lower level authorizer; the basic rights include: visible list, preview, download, link, move, copy, rename, delete, print, newly create folder; the unique authority is the administrator authority, and a person granted with the unique authority is equivalent to a subordinate administrator of the file under the enterprise network disk, and an authorized person with the unique authority can perform next-level authorization on the file according to the label.
2. The method of claim 1, wherein the receiving tag authorization operations, determining corresponding tags, and screening all files in the enterprise network disk having the same tags according to the tags comprises:
when label authorization operation is carried out according to a single label, all files or folders with the same label are screened from the enterprise network disk;
when label authorization operation is carried out according to the plurality of labels, at least two corresponding labels and connectors are determined, the combination relationship between the at least two corresponding labels is determined according to the connectors, and all files or folders which accord with the combination relationship are screened in the enterprise network disk according to the at least two corresponding labels and connectors.
3. The method of claim 1, wherein determining the authority of an authorized team or individual according to the authority conflict handling rules further comprises:
determining whether the permission class granted by each file or folder is inconsistent with the permission class granted by other tags,
if the authorization is inconsistent, the authorization type authorized by the upper-level authorizer is taken as the standard; if the authorizer levels are the same, the permission categories are merged.
4. The method of claim 1, wherein determining the authority of an authorized team or individual according to the authority conflict handling rules further comprises:
judging whether the authority category of each file authorization is inconsistent with the authority category of the file authorization in the folder,
and when the file is inconsistent, the authority category authorized by the file is taken as the standard.
5. The method of claim 1, further comprising:
when a file is uploaded or newly built, screening an existing file with similar characteristic information to the newly built file in an enterprise network disk according to the file characteristic information, extracting a label on the existing file into a label library, and generating a label for the newly built file according to the label library.
6. The method of claim 5, wherein the screening existing files in the enterprise network disk having similar characteristic information as the new file according to the file characteristic information, and extracting the tags on the existing files as a tag library comprises:
the method comprises the following steps of segmenting the name of a file or a file folder, comparing the existing file or the existing file folder with the same word in the matched name, extracting the label on the existing file or the existing file folder with the same word in the name as a name label library, and arranging the labels in the name label library according to the priority of name similarity; and/or
Matching the file type of the file or the file folder with the existing file type, extracting the labels on the existing file or the existing file folder with the same file type as a file type label library, and arranging the labels in the file type label library according to the priority of the name similarity; and/or
Extracting tags of a recently created file or folder into a time tag library, classifying the tags in the time tag library according to file types, and arranging the tags of each type according to name similarity priority;
the name similarity priority is ranked by the same number of words in the name, with the more the same number of words in the name, the higher the name similarity priority.
7. The method of claim 5, wherein the generating a tag for the new file according to the tag library comprises:
and selecting at least one label as a label generated by the new file according to the label arrangement sequence in the label library.
8. An enterprise off-network-disk file authorization system, comprising:
the uploading module is used for storing the file into an enterprise network disk and generating a file label;
the authorization module is used for performing label authorization operation on the files in the enterprise network disk;
the judging module is used for determining the authorized authority category according to the authority conflict processing rule after the label authorization operation is carried out;
determining the authorized authority category according to the label authorization operation; judging whether the authority category authorized by each file or folder is inconsistent with the existing authority category, and if the authority category authorized by the upper-level authorizer is inconsistent, taking the authority category authorized by the upper-level authorizer as a standard; if the levels of the authorizers are the same, merging the permission types;
authorizing all files with the same tag to the team or individual, including:
authorizing all files with the same label to a team or an individual according to the permission type;
the permission types comprise basic permission and unique permission, wherein the basic permission is the permission for realizing the normal use of the file or the folder; the unique permission is a permission for realizing the authorization of the file or the folder according to the label; the unique authority is set in a grading way, the upper level unique authority authorizer is higher than the authorized person granted with unique authority at the lower level, so the authority class grade granted to the file by the upper level authorizer is higher than the authority grade granted to the file by the lower level authorizer; the basic rights include: visible list, preview, download, link, move, copy, rename, delete, print, newly create folder; the unique authority is the administrator authority, and a person granted with the unique authority is equivalent to a subordinate administrator of the file under the enterprise network disk, and an authorized person with the unique authority can perform next-level authorization on the file according to the label.
9. A mesh tray, characterized in that it comprises:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the enterprise network disk file authorization method of any of claims 1-7.
10. A storage medium containing computer-executable instructions for performing the method of enterprise network disk file authorization according to any of claims 1-7 when executed by a computer processor.
CN202111636264.2A 2021-12-30 2021-12-30 Method, system, network disk and storage medium for file authorization under enterprise network disk Active CN114003963B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111636264.2A CN114003963B (en) 2021-12-30 2021-12-30 Method, system, network disk and storage medium for file authorization under enterprise network disk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111636264.2A CN114003963B (en) 2021-12-30 2021-12-30 Method, system, network disk and storage medium for file authorization under enterprise network disk

Publications (2)

Publication Number Publication Date
CN114003963A CN114003963A (en) 2022-02-01
CN114003963B true CN114003963B (en) 2022-05-06

Family

ID=79932213

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111636264.2A Active CN114003963B (en) 2021-12-30 2021-12-30 Method, system, network disk and storage medium for file authorization under enterprise network disk

Country Status (1)

Country Link
CN (1) CN114003963B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114417390B (en) * 2022-03-30 2022-07-26 天津联想协同科技有限公司 Method and device for synchronizing data of network disk organization account, network disk and storage medium
CN114676093B (en) * 2022-05-25 2022-09-02 天津联想协同科技有限公司 File management method and device, electronic equipment and storage medium
CN114942912B (en) * 2022-07-25 2022-12-23 天津联想协同科技有限公司 Network disk file collection method and device, network disk and storage medium
CN116016553B (en) * 2023-03-27 2023-08-11 天津联想协同科技有限公司 File sharing method and device based on network disk, network disk and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102387145A (en) * 2011-10-21 2012-03-21 北京航空航天大学 System and method for detecting access control strategy collision in collaborative environment
CN103560994A (en) * 2013-08-16 2014-02-05 中山大学 Context-aware-based security access control method for RFID system
CN106850743A (en) * 2016-12-21 2017-06-13 腾讯科技(深圳)有限公司 A kind of business authorization method and device
CN111539189A (en) * 2020-07-06 2020-08-14 北京联想协同科技有限公司 Method and device for setting authority for online editing document and storage medium
CN111611324A (en) * 2020-05-06 2020-09-01 中国科学院信息工程研究所 Cross-domain access strategy optimization method and device
CN111858486A (en) * 2020-07-03 2020-10-30 北京天空卫士网络安全技术有限公司 File classification method and device

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7191216B2 (en) * 2001-10-03 2007-03-13 Nokia Corporation System and method for controlling access to downloadable resources
US7827595B2 (en) * 2003-08-28 2010-11-02 Microsoft Corporation Delegated administration of a hosted resource
CN100592315C (en) * 2008-08-29 2010-02-24 中国科学院软件研究所 XACML policy rule checking method
US8228542B2 (en) * 2009-03-31 2012-07-24 1st Management Services, Inc. Systems and methods for storing multiple records using identifiers, storage locations, and attributes associated with electronic documents
CN102236750B (en) * 2010-04-29 2016-03-30 国际商业机器公司 The method and apparatus of control of authority is carried out in cloud storage system
GB2507339A (en) * 2012-10-29 2014-04-30 Ibm Accessing privileged objects in a server by means of semi privileged instruction
CN104468615B (en) * 2014-12-25 2018-03-20 西安电子科技大学 file access and modification authority control method based on data sharing
US9800659B2 (en) * 2015-02-02 2017-10-24 International Business Machines Corporation Enterprise peer-to-peer storage and method of managing peer network storage
US10409779B2 (en) * 2016-08-31 2019-09-10 Microsoft Technology Licensing, Llc. Document sharing via logical tagging
US10977361B2 (en) * 2017-05-16 2021-04-13 Beyondtrust Software, Inc. Systems and methods for controlling privileged operations
CN112261058A (en) * 2020-03-16 2021-01-22 陈力 Smart home access authorization method, smart home system and server
CN111475784B (en) * 2020-04-03 2023-05-05 深圳集智数字科技有限公司 Authority management method and device
CN111914282B (en) * 2020-08-18 2021-10-08 广州威尔森信息科技有限公司 File management analysis method and system
CN112149112B (en) * 2020-09-22 2023-12-05 京东方科技集团股份有限公司 Enterprise information security management method based on authority separation
CN113094560A (en) * 2021-05-07 2021-07-09 国家电网有限公司大数据中心 Data label library construction method, device, equipment and medium based on data middlebox
CN113505378A (en) * 2021-05-31 2021-10-15 珠海金山办公软件有限公司 Authority setting method, electronic equipment and computer storage medium
CN113806777A (en) * 2021-09-18 2021-12-17 深圳须弥云图空间科技有限公司 File access realization method and device, storage medium and electronic equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102387145A (en) * 2011-10-21 2012-03-21 北京航空航天大学 System and method for detecting access control strategy collision in collaborative environment
CN103560994A (en) * 2013-08-16 2014-02-05 中山大学 Context-aware-based security access control method for RFID system
CN106850743A (en) * 2016-12-21 2017-06-13 腾讯科技(深圳)有限公司 A kind of business authorization method and device
CN111611324A (en) * 2020-05-06 2020-09-01 中国科学院信息工程研究所 Cross-domain access strategy optimization method and device
CN111858486A (en) * 2020-07-03 2020-10-30 北京天空卫士网络安全技术有限公司 File classification method and device
CN111539189A (en) * 2020-07-06 2020-08-14 北京联想协同科技有限公司 Method and device for setting authority for online editing document and storage medium

Also Published As

Publication number Publication date
CN114003963A (en) 2022-02-01

Similar Documents

Publication Publication Date Title
CN114003963B (en) Method, system, network disk and storage medium for file authorization under enterprise network disk
US20220043828A1 (en) Systems and methods for importing data from electronic data files
US20180075138A1 (en) Electronic document management using classification taxonomy
US8751919B2 (en) Creation and retrieval of global annotations
US10740550B1 (en) Network-accessible data management service with web-of-sheets data model
US20200081967A1 (en) User interface for contextual document recognition
CN111512315A (en) Block-wise extraction of document metadata
CN111813804B (en) Data query method and device, electronic equipment and storage medium
CN112559095A (en) Target service execution method, system, server and storage medium
CN112307052A (en) Data management method, service system, terminal and storage medium
CN113902574A (en) Protocol data processing method, device, computer equipment and storage medium
CN115544257B (en) Method and device for quickly classifying network disk documents, network disk and storage medium
CN111831750A (en) Block chain data analysis method and device, computer equipment and storage medium
US9069884B2 (en) Processing special attributes within a file
CN115167785A (en) Label-based network disk file management method and device, network disk and storage medium
CN111159158B (en) Data normalization method and device, computer readable storage medium and electronic equipment
JPH10111834A (en) Data management device for equipment analysis
CN113920519A (en) File detection method, terminal device and storage medium
CN111352985A (en) Data service platform, method and storage medium based on computer system
CN116010356B (en) Method, device, network disk and storage medium for quickly previewing file through label
CN112631998B (en) Folder display method and related equipment
CN116016553B (en) File sharing method and device based on network disk, network disk and storage medium
CN113672565B (en) File marking method and device, electronic equipment and storage medium
CN115859909B (en) Collaborative document annotation display method, collaborative document annotation display device, server and storage medium
US11860904B2 (en) Determining and propagating high level classifications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant